Configure Message Size Limits in Exchange 2010

If you’re running Exchange 2010 at your office, you may have noticed that the default incoming and outgoing message size limit  is 10,240 KB or 10 MB. These days, however, there are many attachments that far exceed this size.

If you want to increase the maximum receive size and the maximum send size for emails, it’s not as simple as you might think. But then again, when is anything easy to figure out in Exchange!

In order to change the size limits, you have to make the change in several locations within the Exchange Management Console.

hub transport exchange

First, you need to modify the global settings at this location:

Organization Configuration – Hub Transport – Global Settings – Properties of Transport Settings

Here you will be able to edit the transport send and receive limits. Once you have done that, you need to modify the send and receive connectors.

global transport settngs

You can change the Send Connector by going to the following location:

Organization Configuration – Hub Transport – Global Settings – Properties of Default Send

And you can do the same thing for the Receive Connector here:

Server Configuration – Hub Transport – Receive Connectors Pane – Properties of Default <host>

That is all there is to it! Note that the largest value you can enter into the maximum receive size and maximum send size in KB is 2097151, which is basically 2 GB! Hopefully, no one in your organization needs to attach a file that is 2 GB in size.

Finally, you need to make sure you restart your Exchange server for the new size limits to take effect. If you can’t reboot, you can try to restart the Exchange services and see if that works.

Also, you can change the max number of recipients in the Global Transport settings dialog. The range is from 0 to a whopping 2147483647.

Exchange System Manager 2003 for Windows Vista now available

At my previous job one of my resonsibilities was to maintain several Exchange 2003 installations.  One of the reasons I chose not to run Windows Vista on my laptop was because there was no Exchange System Manager (ESM) 2003 administrative tools that ran on Vista.

The Microsoft Exchange Team Blog just announced a version of ESM 2003 for Vista is now available for download.

IMPORTANT: Installing Exchange System Manager on the same computer as Microsoft Office Outlook is not supported, because MAPI CDO cannot be installed


You can install Exchange System Manager for Exchange Server 2003 on a Windows Vista-based computer using the following requirements:

• Must be run on a computer in a domain that has Microsoft Exchange Server 2003 (SP2) installed.
• Must be installed on Windows Vista or Windows Vista Service Pack 1 (SP1).
• The following must be installed by a user who has Administrative rights. Windows Server 2003 Service Pack 1 Administration Tools Pack or Windows Server 2003 R2 Administration Tools Pack (x86). We recommend installing R2.
• Windows Server 2008 is not supported.

Windows 2008/Exchange 2007 Event 4001: A transient failure has occurred. The problem may resolve itself in awhile. The service will retry in 56 seconds.

Today I was installing Exchange 2007 SP1 on an HP Proliant DL380 G5 server running Windows 2008 x64. After the installation and reboot, I kept receiving the following error in the Event log:

Event ID: 4001 Source: MSExchange System Attendant Mailbox

A transient failure has occurred. The problem may resolve itself in awhile. The service will retry in 56 seconds. Diagnostic information: Could not find any available Domain Controller.

I did exhaustive research and finally came across this thread, which suggested updating the Intel NC110T NIC drivers and disabling the checksum offload options on the server’s network card. I was already running the most recent version (9.10 dated February 25 2008) of the HP driver for the Intel NIC, but did disable all the checksum offload options.

Following a reboot all of my Event 4001 error messages disappeared. The local administrators are going to open a support case with HP to try to determine some type of resolution that does not require disabling the NIC’s checksum offload options.

Microsoft Exchange Server 2007 Shapes and Icons for Visio

I was just diagramming an Exchange 2007 deployment and came across the Microsoft Office Visio Stencil Containing Shapes for Microsoft Exchange Server 2007, a free download from Microsoft.

This stencil and template provided enable you to create Visio drawings that contain Exchange Server 2007 objects. These shapes include icons for Exchange 2007 server roles, networking, telephony and Unified Messaging objects, Active Directory and directory service objects, client computers and devices, and other Exchange organization elements. 

To use this stencil, place these 2 files (MicrosoftExchangeServer2007_Icons.vst and MicrosoftExchangeServer2007_Icons.vss) in your local C:\Documents and Settings\yourname\My Documents\My Shapes folder.

In Visio, click File, click Open, and then go to your My Shapes folder. Open the MicrosoftExchangeServer2007_Icons.vst file. The shapes will appear in the Microsoft Exchange Server 2007 stencil in the Shapes pane.

This download requires Microsoft Office Visio 2003 or later.


Howto: Enable POP3 logging in Exchange 2007

POP3 logging is not enabled by default in Exchange 2007. To enable it, edit the C:\Program Files\Microsoft\Exchange Server\ClientAccess\PopImap\Microsoft.Exchange.Pop3.exe.config file.

Under appSettings, change

<add key=”ProtocolLog” value=”false” />


<add key=”ProtocolLog” value=”true” />

and restart the Microsoft Exchange POP3 service. You can restart it in services.msc or run the following command from the Exchange Management Console:

Restart-service MSExchangePOP3

Log files will be created in your C:\Program Files\Microsoft\Exchange Server\Logging\Pop3 folder.

Troubleshooting Exchange 2007 ESE Event 491

My Exchange 2007 SP1 server started reporting Event 491 in the Application Log.

Source: ESE Event ID: 491

edgetransport (3488) Transport Mail Database: An attempt to determine the minimum I/O block size for the volume “D:\” containing “D:\Program Files\Microsoft\Exchange Server\TransportRoles\data\Queue\” failed with system error 5 (0×00000005): “Access is denied. “. The operation will fail with error -1032 (0xfffffbf8).

The Microsoft Exchange Transport service was not automatically starting as well. A few posts I found mentioned excluding the Program Files\Microsoft\Exchange Server\TransportRoles\data\Queue directory from anti-virus scanning. I played around with all sorts of exceptions, but that didn’t resolve my problem. I even disabled the real-time A-V scanner and rebooted the server, but the problems persisted.

After hours of searching I came across this post, which pointed at permissions as the root of the problem. I had removed the default permissions on the Exchange installation drive, and Network Service was missing on the list of permissions. I tried to assign the fewest permissions as possible, but in the end here is what I assigned.

  • NETWORK SERVICE has all rights *except* Full Control and Modify on the TransportRoles folder, and inheritance is turned on. This full path is D:\Program Files\Microsoft\Exchange Server\TransportRoles\ on my server, yours may vary.
  • NETWORK SERVICE has Full Control on the D:\Program Files\Microsoft\Exchange Server\TransportRoles\data\ folder, and inheritance is turned on.
  • NETWORK SERVICE has Read & Execute, List Folder Contents, and Read on the D:\Program Files\Microsoft\Exchange Server\ folder.
  • NETWORK SERVICE has Read & Execute, List Folder Contents, and Read on the root installation folder, which is D:\ for me. I did everything I could to avoid this, but couldn’t make it work without assigning this permission.

After making these changes, reboot your server and you should find Event 491 gone and your Microsoft Exchange Transport service automatically starting once again.

Troubleshooting Exchange Error 4.4.7 Delivery Delay and Failures


One of our partners keeps receiving the following messages when trying to email certain domains:

This is an automatically generated Delivery Status Notification.



Delivery to the following recipients has been delayed.

Where is the address he’s trying to send the message to.

Eventually he receives the following message

Your message did not reach some or all of the intended recipients.

The following recipient(s) could not be reached: on 3/27/2008 9:11 AM

Could not deliver the message in the time limit specified. Please retry or contact your administrator.

<originating.mailserver.hostname #4.4.7>

He’s sending to addresses he’s previously sent to with no problems.

KB 284204 notes the following about the 4.4.7 error message:

Possible Cause: The message in the queue has expired. The sending server tried to relay or deliver the message, but the action was not completed before the message expiration time occurred. This NDR may also indicate that a message header limit has been reached on a remote server or that some other protocol timeout occurred during communication with the remote server.

Troubleshooting: This code typically indicates an issue on the receiving server. Verify the validity of the recipient address, and verify that the receiving server is configured to receive messages correctly. You may have to reduce the number of recipients in the header of the message for the host that you are receiving this NDR from. If you resend the message, it is placed in the queue again. If the receiving server is on line, the message is delivered.

You can see the problem is usually on the recipient’s server. Common causes are the recipients mail server is offline or otherwise unreachable, possibly due to DNS problems.

One thing you can try on the originator’s mail server is to increase the SMTP Virtual Server’s Delay Notification and Expiration Timeout settings.

To access these settings in Exchange 2003, open System Manager and navigate to Servers – Your Mail Server’s Name – Protocols – SMTP. Right click on your SMTP Virtual Server – Properties – Delivery tab.

SMTP Virtual Server Delivery Settings

I changed my Delay notification from 12 hours to 18 hours, and the Expiration timeout from 2 days to 4 days. You will need to tweak these settings to what is appropriate for your particular environment.

Another reason you may have these errors, especially with AOL email recipient may be you don’t have a DNS PTR record (Reverse DNS Record) for your mail server. AOL explains:

“AOL does require that all connecting Mail Transfer Agents have established reverse DNS, regardless of whether it matches the domain.”

This means if your mail server doesn’t have a Reverse DNS record, your messages sent to AOL will fail.

AOL has a page where you can enter your mail server’s IP address to determine if AOL can find it’s corresponding Reverse DNS record. If you’re not sure what the IP address of your mail server is, you can look it up based on your domain name.

Also note that setting up a Reverse DNS record is not the same process you would perform while creating a host name or other record. With forward (regular) DNS you setup your name servers with your domain registrar, like Network Solutions. With reverse DNS you must contact your ISP to have them create and host the record. The reason why is because the ISP is who is ultimately responsible for your IP address, and only they can verify that your mail server does indeed reside at that particular IP address.







Howto: Force Outlook to Download Updated Exchange Offline Address Books

I just created a new user on my Exchange 2003 server, and wanted to verify the new account was shown in the Global Address List (GAL). I’m using the Outlook 2007 client in cached mode, and I wanted to download the updated offline address book immediately, rather than waiting for it to perform it’s scheduled download.

KB 841273 explains that:

  1. Outlook in cached mode automatically updates the offline address book on the client every 24 hours. The 24-hour time period is measured from the time that the offline address book was last downloaded successfully. For example, if you complete an offline address book download at 09:00 today, Outlook will start the offline address book download the next day at approximately 09:00. Therefore, different people will receive updates at different, random times.
  2. Each day, the Exchange computer generates a full offline address book and a differential file from the previous day. The Exchange computer stores the differential file and the full file for the current day and stores only the differential files for the previous days.
  3. The default setting on the Exchange computer is to generate an offline address book differential file every morning at 04:00.
  4. By default, the Exchange computer generates the offline address book files every morning at 05:00.
  5. Unless you notice the last time that Outlook downloaded the offline address book, you may not know when Outlook is scheduled to try the next offline address book download. No indicator in the Outlook user interface advises you of the offline address book download schedule.

You can now see it’s virtually impossible to determine when my Outlook client would automatically receive the updated address list.

The steps I performed to force Exchange and Outlook to immediately synchronize the offline address books:

  1. One the server – Start Exchange System Manager, expand RecipientsOffline Address Lists. Right click on your address list and select Rebuild. You will be warned that it potentially could take a long time. Click Yes to proceed with the rebuild. Wait a few minutes, but if you have a small Exchange deployment this could finish in seconds.
  2. On the client – In Outlook click on the down arrow next to Send/Receive to open the menu. Click Download Address BookOK. Make sure that the Download changes since last Send/Receive check box is selected.

Windows 2008 Upgrade Paths, and the Problem with Exchange 2007

Ask The Performance Team has a blog posting on the upgrade paths for Windows 2008, which is set to be released at the end of this month. To begin, lets get two things clarified right away. There is no way to perform cross-platform upgrades, i.e. x86 to x64 architecture, and there is no way to upgrade from a previous version of Windows to Windows 2008 Server Core Edition. If you’re unfamiliar with Server Core, it’s installation provides a minimal environment for running specific server roles that reduces the maintenance and management requirements and the attack surface for those server roles.

Available upgrade paths from Windows Server 2003 to Windows Server 2008 are:

  • If you are currently running Windows Server 2003 Standard Edition (R2, SP1 or SP2), you can upgrade to the full installation of Windows Server 2008 Standard Edition or the full installation of Windows Server 2008 Enterprise Edition.
  • If you are currently running Windows Server 2003 Enterprise Edition (R2, SP1 or SP2), you can upgrade to the full installation of Windows Server 2008 Enterprise Edition.
  • If you are currently running W indows Server 2003 Datacenter Edition (R2, SP1 or SP2), you can upgrade to the full installation of Windows Server 2008 Datacenter Edition.

Also note that you must test all applications before migrating to any version of Windows Server 2008. Read all about the Exchange Team’s effort to migrate Exchange 2007 from Windows 2003 to Windows 2008; all of the caveats and requirements can make your head hurt.

The big problem ends up being:

Exchange 2007 SP1 can be installed on Windows Server 2008, but Windows Server 2008 cannot be installed on Exchange 2007 SP1. This means that all computers running Exchange 2007 SP1 must have Windows Server 2008 already installed before Exchange can be installed on the system. This also means that you cannot take an existing Exchange 2007 server (RTM or SP1) running on Windows Server 2003, and do an in-place upgrade of the operating system to Windows Server 2008.

Put another way:

When upgrading standalone servers, it is not supported to upgrade your operating system to Windows Server 2008 and then upgrade Exchange 2007 to SP1. It is also not supported to upgrade Exchange 2007 to SP1 and then upgrade your operating system to Windows Server 2008. To deploy Exchange 2007 SP1 on Windows Server 2008, you must install Windows Server 2008 on a computer that does not have Exchange installed, and then install Exchange 2007 SP1.

To help assist IT professionals with determining if their existing networking environment will support Windows Server 2008, Microsoft has developed the Microsoft Assessment and Planning (MAP) Solution Accelerator, which is now available for download. You can read more about this tool at the MAP Team blog.

The Microsoft Assessment and Planning Solution Accelerator performs three key functions, including hardware and device inventory, compatibility analysis, and readiness reporting. The Microsoft Assessment and Planning tool is based on agentless infrastructure scanning technology that makes it easier to set up the inventory without the requirement of installing any software agents on each machine being inventoried.

(MAP) is the expanded version of the Windows Vista Hardware Assessment solution accelerator (WVHA). This new version of the network-wide assessment tool gives you not only the original capability of hardware inventory and assessment for desktops, but also expanded features including server migration recommendation with Windows Server 2008, virtualization workload placements for server consolidation with Hyper-V or Virtual Server 2005 R2, and application virtualization recommendations with Microsoft Application Virtualization.

Clearing out Exchange SMTP queues using AQADMCLI

I recently had to help a customer clean up their SBS 2003 server which had been used to send out spam. It seems that one of their user accounts had been compromised, and we were able to stop the spam by changing the user’s password. The server’s performance was horrible, even after a reboot, and we found messages stuck in over 500 SMTP queues. Rather than clear the queues one at a time, I used the Aqadmcli tool to delete all the stuck messages at once.

To clear all the SMTP queues at once, run the following from a command prompt on the Exchange server:


setserver [servername]

delmsg flags=all


where [servername] is the name of the Exchange server containing the queues you want to clear.

You can also delete messages from a particular sender using the syntax

delmsg flags=SENDER,

You can read more about this tool here [via the Wayback Machine]

KB 324958 describes an alternate way of cleaning up the SMTP queues. There is also a webcast that shows how to accomplish SMTP queue cleanup.


Get every new post delivered to your Inbox.

Join 32 other followers